rlsnyder asks:
"I'm the inadvertant co-administrator of e-mail a for company that relies pretty heavily on it for daily business (e.g. sending confirmations of financial transactions). At one point in the not-too-distant past, our server was an open relay. I admit I'm a sinner for letting it happen, and I'm ready to do my pennance. Given the relatively low volume of mail our server moved that did not originate from inside, I doubt I was a major contributor to the world of SPAM. In any event, we've been blacklisted on a number of sites. Some lists have reasonable policies, and we've since been removed. Other places are a little more arbitrary as to removal policies, and although I can prove we're not a relay, we're still listed." While I approve of the basic concept of SPAM Blacklists, there are dozens of SPAM blacklists out there who are real keen on adding open relays to the list, but not so keen on taking rehabilitated hosts out. I would posit that SPAM blacklists that are not properly maintained are a part of the problem, not the solution. What are your thoughts on the subject?
rlsynder continues: "Am I way off base here, or is this self-appointed mail police thing going in the wrong direction? Given that I can't reliably deliver e-mail to a number of places due to being blocked, I've got a big exposure. Is this making spam less of a problem, or are we trading one problem (SPAM) for another (the reliablility of proper maintenance of SPAM Blacklists)?
I could draw a bunch of analogies here, but isn't the bottom line that no one owns the internet e-mail system? I realize no one makes ISP's subscribe to the blacklists, but basically, I'm trying to move data from one point to another, and some machines in the middle are discriminating against my data because a corrected, perfectly legal system configuration error. How is this helping? Has SPAM really decreased universally thanks to these lists?"
Slashdot Mirror
When I used to manage a mail server, I was asked to filer based on orbs. Not did this in no significant way limit the amount of spam entering the system, it became a huge administrative headache. Eventually, we stopped using the lists. I am sure there are likely better lists, but I simply prefer creating my own list, based on investigation into what's coming in.
OK, you've fixed your mail relay(s)..
This is a good thing - and what every blacklist's ultimate goal is.
Speaking as a mail server admin, I'd be interested to know which lists are not removing you - so that I can make sure I'm not using them.
Seriously - letting people know about this is the best way to get what you want. If your site is not a relay, any blacklist maintainer is doing their users a disservice by listing you.
As a mail admin, I'd want to know.
Alternatively, you could do the American thing and threaten a lawsuit - most blacklist operators are immune from libel charges because they're just listing people who operate open relays (truth is defense against libel) - if you're not an open relay, then you've got a good case for libel: they're deliberately publishing false information to hurt your business.
The real question is did you only close down the open relay because of the black list? If that is the case then the black list did the job.
I agree that some BL's are not properly managed. The old ORBS system was a perfect example of this. They would add you if you were an open relay, but getting OUT of the database was pretty much impossible if the guy that ran it didn't like you or your attitude toward his "service".
One of my mail servers ended up on ORBZ as well as ORDB because I had made a mistake in the configuration, and I corrected it and was promptly removed after submitting a re-test request.
I now employ the use of RBL on my own servers, but I will only use those services which will remove "fixed" servers using an automated testing system that works properly. ORDB, ORBZ and Osirisoft's RBL's tend to be the best AFAIK. I have found that by using these systems, the level of SPAM that my users and I receive has dropped to a point where it's not entirely annoying or time-consuming to deal with it anymore.
One RBL that I stay away from using is the one operated by SpamCop (bl.spamcop.com). It's a great idea, but it ends up blocking out too much "real" e-mail as well, esp from the larger ISP's like Comcast, etc.
My employer's corporate office email system is an open relay, so that outlying offices (like ours) can send email, and so the company can track what we're doing.
Recently, spammers have discovered our open system and have been relaying at a furious rate (read: thousands of emails a day.) This caused *our* email to get reflected back to us most of the time, and it also got my employer's domain on several spammer blacklists. This is such a problem, that the corporate office recently switched ISPs over it.
Now, with the new ISP, the IT guys have "cracked down on security" by banning relaying...for 1/2 the day. In the mornings we can send all the email we want (and so can the spammers), but after we all get back from lunch, no more email can be sent out. My employer is baffled why we can't get off of the blacklists, even after the move to the new ISP. I just laugh and goof off for the rest of the afternoon.
I'm all for an appeals process of some sort in order to get off of spam blacklists, but some companies do deserve to stay there, as long as their habits and policies don't radically change.
not_anne
My comments here are my own; I do not speak for my employer.
a self maintaining blacklist. if you get blacklisted and then fix it, you go to a webpage that you submit that you're fixed. then the system simply uses a seperate computer that is NOT on the webpages domain and tries to relay email. if the relay happened then the blacklisted site is still blacklisted, otherwise it is automatically removed.
Maybe 100 lines in perl to accomplish this. no real effort required.
Do not look at laser with remaining good eye.
Bankrupt a few spammers, show others it is not cheap to spam. Maybe get some charged criminally.
All spammers should be tortured, then executed.
Fight Spammers!
IMHO, Blacklists are just a small band-aid on the gaping wound that is SMTP. SPAM has proliferated to the point where it needs to be dealt with in a more sane manner than just punishing the offenders.
I'm usually all for privacy, but I think we need to be using an email transport protocol that involves some form of authentication. I'm not sure if some such protocol exists already, but it doesn't seem like it would be too hard to create.
Am I way off base here, or wouldn't this cut way down on SPAM?
"Don't blame me, I voted for Kodos!"
Not removing now closed relays from the list is like not releasing prisoners from jail. Something which might or might not be a good idea...
That's assuming that you consider the list to be a punishment. I believe that they are information sources -- IP X was, and may still be, an open relay.
Also, I think the usefulness of DBs like ORBD lies in them staying current, as I think it might cost more losing one important mail than wading through tons of spam.
I agree. But keeping the open-relay databases current is not a responsibility the database providers have to those listed in the databases. It may affect the popularity and usefulness of their service, but that's another matter altogether.
If some person/group decides to create such a database, they have only the following two responsibilities:
1. Do not defame/slander by listing a system incorrectly. That said, they make up the rules and if they say their databases are "IP addresses that were open relays within the last six months", they have up to six months after a relay is closed to remove the record from the database.
2. Provide services paid for. If they accept payments to remove entries within, say, 24 hours (rather than the normal cycle), they have to remove those entries within 24 hours. Otherwise, they can remove them in conformance with the criteria that they set (see item 1).
Again, you are viewing this as punishment and I'm viewing it as information. Since ORDB does not block e-mail, harass ISPs listed in the database, etc., they aren't punishing. They are just providing information Now if bobco.com rejects your e-mail because your IP is listed in the ORDB, then maybe bobco.com is punishing you, but ORDB is not.
you very much can have an smtp server that does not listen on a tcp port, but it can only be used for outgoing mail. Many people use this configuration with sendmail so they can send mail directly from there workstation, but recive mail on another system. Sendmail is just invoked from the command line, so it doesnt need to listen on a tcp port.
-- free as in swatantryam - not soujanyam.
An open relay is not necessary in order to make email function at the outlying offices. You don't even need a VPN. The mail server can be configured with the static IP addresses of each of the offices as valid "local" addresses. Of course a VPN is much better as that also improves your security.
As confirmed by another of your postings, your company management are morons who have apparently hired idiots for the IT department. Obviously you recognize it, and can leave if you feel that is necessary, or can stay as long as you can deal with it, and are not blamed for it. Should they ever offer to promote you into IT, be sure you insist that you be given the authority to fix the problems with no further permission from management to go ahead.
now we need to go OSS in diesel cars